Hello
Is it possible to limit UDP connections with ipfw?
The FreeBSD docs page explains only TCP:
Code:
ipfw add allow tcp from my-net/24 to any setup limit src-addr 10
ipfw add allow tcp from any to me setup limit src-addr 4
The former (assuming it runs on a gateway) will allow each host on a /24
network to open at most 10 TCP connections. The latter can be placed on
a server to make sure that a single client does not use more than 4
simultaneous connections.
I am trying to limit TCP and UDP separately, and both, with rules like these:
Code:
#!/bin/sh
cmd="ipfw -q"
#--- reseting ---
$cmd flush
$cmd pipe flush
$cmd queue flush
$cmd table all flush
#----Table 1-------------------------
$cmd table 1 add net1/24
$cmd table 1 add net2/24
$cmd table 1 add net3/24
$cmd table 1 add net4/24
# ------ FW ----------------------
#$cmd add allow tcp from "table(1)" to any setup limit src-addr 200
#$cmd add allow ip from "table(1)" to any setup limit src-addr 200
#$cmd add allow udp from "table(1)" to any setup limit src-addr 200
$cmd add allow { tcp or udp } from "table(1)" to any setup limit src-addr 200
But in the security log I can see that only port 80 TCP connections are dropped (and some others, but I can't understand whether they are TCP or UDP):
Code:
Aug 13 11:24:30 core kernel: ipfw: 1200 drop session ip:37341 -> 213.91.247.144:21416, too many entries
Aug 13 11:24:34 core kernel: ipfw: 1200 drop session ip:37357 -> 85.14.4.130:80, too many entries
Aug 13 11:24:38 core kernel: ipfw: 1200 drop session ip:37372 -> 79.124.67.133:80, too many entries
Aug 13 11:24:43 core kernel: ipfw: 1200 drop session ip:37398 -> 79.124.67.133:80, too many entries
Aug 13 11:24:44 core kernel: ipfw: 1200 drop session ip:37407 -> 79.124.67.133:80, too many entries
Aug 13 11:24:50 core kernel: ipfw: 1200 drop session ip:37430 -> 85.14.4.135:80, too many entries
core# ipfw -d show | fgrep ip | wc -l
201
core# ipfw -d show | fgrep ip | wc -l
201
core# ipfw -d show | fgrep ip | wc -l
201
core# ipfw -d show | fgrep ip | wc -l
201
core# ipfw -d show | fgrep ip | wc -l
201
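An added example, not part of the original post: the "too many entries" log line does not name the protocol, but each dynamic entry listed by `ipfw -d show` does, so the listing can be tallied per protocol and per source address instead of only counted with `wc -l`. The line layout described in the comments is an assumption about the `ipfw -d show` output, and the sample lines are constructed.

```shell
#!/bin/sh
# Tally ipfw dynamic "limit" sessions per protocol and per source address.
# Reads `ipfw -d show` output on stdin. Assumed dynamic-entry layout:
#   RULE PKTS BYTES (TTLs) LIMIT proto src sport <-> dst dport
# PARENT entries (the per-source counters), static rules and the
# "Dynamic rules" header do not have LIMIT in field 5 and are skipped.
dyn_by_proto() {
    awk '
        $5 == "LIMIT" {
            proto[$6]++            # sessions per protocol
            src[$6 " " $7]++       # sessions per protocol and source
        }
        END {
            for (p in proto) printf "proto %s %d\n", p, proto[p]
            for (s in src)   printf "src %s %d\n", s, src[s]
        }
    ' | sort
}

# Constructed sample listing (documentation addresses), not taken from
# the poster's host.
sample_dyn() {
    cat <<'EOF'
01200 5 300 allow tcp from table(1) to any setup limit src-addr 200
## Dynamic rules (7):
01200 0 0 (0s) PARENT 3 tcp 10.0.1.5 0 <-> 0.0.0.0 0
01200 12 1840 (298s) LIMIT tcp 10.0.1.5 37341 <-> 203.0.113.10 80
01200 4 512 (12s) LIMIT tcp 10.0.1.5 37357 <-> 203.0.113.11 80
01200 9 990 (120s) LIMIT tcp 10.0.1.5 37372 <-> 203.0.113.12 21416
01200 0 0 (0s) PARENT 1 tcp 10.0.2.9 0 <-> 0.0.0.0 0
01200 2 120 (5s) LIMIT tcp 10.0.2.9 40100 <-> 203.0.113.10 80
01200 3 210 (9s) LIMIT udp 10.0.1.5 5353 <-> 203.0.113.53 53
EOF
}

# On a live firewall: ipfw -d show | dyn_by_proto
sample_dyn | dyn_by_proto
```

A source whose count sits at the `limit src-addr` value is the one producing the "too many entries" drops.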